Welcome to BearlyChilly! 👋
This is where we share our notes, articles, book reviews, and anything else that might be on our mind. Feel free to look around and stay a while! 🙂
Transparent Huge Pages (THP) in Linux and How it Affects Splunk
Transparent Huge Pages (THP) is a Linux kernel feature designed to optimize memory management, but it can significantly impact the performance of certain applications. This article explores the benefits and challenges of THP, with a particular focus on its effects on Splunk performance and how to configure it appropriately for optimal system operation.
How to Send Events to Splunk Using HEC - HTTP Event Collector
HEC (HTTP Event Collector) is a super easy way to send data into Splunk. It opens up the opportunity to quickly update a script or application to send data into Splunk without having to install a forwarder or setting up a syslog server.
Addressing Missing Index Error in Splunk using LastChance
Have you ever encountered a ‘missing index’ error in Splunk and worried about losing your logs? This article shows you how to set up a ’lastchance’ index to catch those wayward logs, ensuring you don’t lose data even when it’s headed for a non-existent index.
Reindex Logs that Have Already Been Indexed by Splunk
What do you do when you want to reindex logs that have already been indexed by Splunk? This article shows you how to use the ‘fishbucket’ method to reindex your data, whether you indexed it into the wrong index or forgot to create an index before applying your inputs.conf.
How to give Splunk access to Linux logs
Don’t just give it root access! Process of onbaording Linux logs into Splunk using ACLs.